[flatpak] Flathub reports Thunderbird as potentially unsafe
Categories
(Thunderbird :: OS Integration, task, P2)
Tracking
(Not tracked)
People
(Reporter: heather, Assigned: dandarnell)
Details
(Keywords: flatpak)
Attachments
(1 file)
|
83.80 KB,
image/png
|
Details |
flatpak-poentially-unsafe-perms.png
Flathub is the platform where the official Thunderbird flatpak is shipped from: https://flathub.org/apps/org.mozilla.Thunderbird
On this flathub page it says that this flatpak is "Potentially Unsafe" and could scare users. If you click on that, you get a list of "unsafe" permissions our flatpak has access too (see attached screenshot). We should work towards removing all of these warnings.
|
||
Comment 1•13 days ago
|
||
Thanks for opening. I had a task in the backlog but no bug so I'll add this bug to it.
|
|
||
Updated•13 days ago
|
|
Assignee | |
Comment 2•12 days ago
|
||
We might be able to get rid of one or two of these permissions.
Unfortunately, permissions are tricky to get rid of without also impeding features users expect from Thunderbird (e.g. Thunderbird being able to download attachments to the user's ~/Downloads directory). It's a tricky balance not alienating those who choose to use Flatpak, since using the Thunderbird Flatpak should ideally be as seamless as using other variations of Thunderbird.
Additionally, these "potentially unsafe" permissions are the same permissions that the non-Flatpak variations of Thunderbird need to work, so it's more a matter of negative user perception. Maybe we could have a breakdown of how each permission is used in the Flathub listing description?
Which permissions should/shouldn't be default long-term probably ought to be opened to internal/community feedback of some sort, since I am only one opinion. :)
Description
•